Top 5 Misconceptions about AML KYC and Compliance Obligations

Share on Linkedin
Share on Twitter
Share on Facebook
Share on Whatsapp

By Maciej WALOSZYK – Managing Partner of Cascade LAB*

Although, AML KYC and Compliance laws and regulations are well established for some time now, with Luxembourg spearheading the implementation and execution, they are still treated a bit like Monday traffic on your way to the office. It is there, you somehow get accustomed to it, it costs you a lot of time (and money) and it does not disappear even if you close your eyes. Just like in traffic, if you don’t pay attention to it, you may end up in a crash with possibly severe consequences – only in this case, with the authorities…

At Cascade we provide a proper navigation through that traffic and your AML KYC and Compliance duties, saving you time, money and greatly reducing the risks. In last month’s we have spoken to many market participants and unfortunately there are still many misconceptions present, which we thought it would be good to tackle with this article.


  1. ‘’We have outsourced AML KYC to Central Administration’’


We hear this potentially dangerous statement too often. Yes, you are an AIFM – licensed or registered and you delegated some of your duties to the Central Administration/Transfer Agent. We mention ‘some’ duties as typically, such outsourcing agreement relates only to AML KYC on the investors and occasionally also the portfolio companies, and here piece of advice – make sure that this is clearly stated in the agreement you have signed with your provider.

Even if you do outsource those elements, you are still the driver with full responsibility on how you drive. As a licensed or registered AIFM or Manco you need to apply a risk based approach to your delegated parties and other counterparties, meaning that you need to know with whom you are working. Yes, we are speaking about that particular Central Administration or TA among others. In other words, you may have smaller AML KYC volumes but you still need to follow a Risk Based Approach nevertheless.

Also, as a Private Equity/Venture Capital or RE manager, you identify portfolio investments and you talk to potential investors some time before they are formally onboarded and verified by the Administrator. Surely, you would like to avoid spending and wasting your time on talking to someone you shouldn’t be talking to, or risking reputational damage by passing such a file to the administrator once you decided to proceed.

Lastly, you may recall the recent CSSF questionnaire on AML which was supposed to be submitted by mid-April – those questions are applicable to you for good reason – it is expected that you have the right answers.


  1. ‘’We are not licensed AIFM but registered one, so we have limited obligations’’


I mentioned the CSSF AML Questionnaire above for a reason. Even though you are a registered AIFM managing a relatively small fund and you have possibly outsourced part of your AML duties on investors and portfolios, you are still being questioned on your AML processes, hence the questionnaire you recently filled in. One of the questions related to how frequently you perform name screening? Many firms are still paying per check, believing it is more economical, though sanction lists are updated very frequently, particularly in recent weeks, meaning that you are at risk of missing a change. Private Equity investments represent by default a high-risk rating. Knowing the UBOs, intermediary owners and having them properly registered and monitored is not only your obligation, but a process of maintaining your reputation towards your LP’s.


  1. ‘’We already have a name screening tool’’


Another frequent feedback we receive, though sticking to the traffic analogy, it is similar to describing your car by stating it has four wheels… To properly manoeuvre on the road, you will also need have at least a steering wheel, engine, body structure and navigation showing you more efficient routes. Executing a risk based approach means identifying the persons you are dealing with, analysing the ownership structure and intermediary owners, gathering documentation while monitoring their expiration and review dates etc… Those firms which are equipped with the name screening tools not only need to move their client data to those tools to perform the screening, so effectively multiplying databases of client information, but also in most cases create and keep individual excel spreadsheet for each client in which some of the elements of the risk based approach are kept. This means hundreds of spreadsheets making monitoring difficult. Those clients which are at the same time directors in company A, shareholders in fund B and Beneficial Owners in company C will most likely be kept in 3 separate folders and spreadsheets and their data will be copied and stored 3 times. Executing your AML KYC and compliance needs by using only a Name Screening tool is like driving your car in a heavy traffic 100m behind the car ahead. You may be thinking it is fine and safe but it is not. You are not up the speed and you create congestions behind you!


  1. ‘’We don’t need the system, as we work only with institutional or low risk clients’’


It sounds like you would imply that you don’t need the car insurance as you drive very slowly and in a completely new car. Of course, you need both, and despite the lower risk of clients you still need to document the route you took that led you to the judgment that it is indeed a low risk client. Also, institutional clients tend to have elaborated ownership structures. Analysing, collecting, storing and performing ongoing monitoring of such clients doesn’t necessarily mean an easier job for to do. Your files will require less frequent reviews, though your responsibilities remain the same.


  1. ‘’We don’t need the system, as we are a small firm’’


This typically means that ‘’we have no budget’’ or that ‘’we love our excels’’. Regardless of your size, proper organisation of your client files will not harm you and will definitely put a smile on the faces of your auditors. Centralisation of your client database, with an embedded and complete AML KYC framework, will also ensure consistency in your process. We are aware that not everyone on the road is a Formula 1 driver. Much in a same way as small organisations may not have sufficient resources or expertise in AML and compliance matters. That is why a proper system not only will allow you to take a rest on the back seat but also guide you and navigate you through your duties.

*Cascade is an award winning Luxembourg based company offering Administrative, Compliance and Governance solutions. Our system is used in 8 different countries, by Manco’s, AIFMs, Corporate Administrators, Law Firms, Consulting firms amongst others. It excels in the AML and Compliance field by centralizing and organizing client data (i.e. companies, funds, counterparty registries) and provides a complete AML KYC framework through which all your AML duties are executed in an efficient guided process flow.